• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

Golang roll.Core类代码示例

原作者: [db:作者] 来自: [db:来源] 收藏 邀请

本文整理汇总了Golang中github.com/xtraclabs/roll/roll.Core的典型用法代码示例。如果您正苦于以下问题:Golang Core类的具体用法?Golang Core怎么用?Golang Core使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。



在下文中一共展示了Core类的17个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Golang代码示例。

示例1: Handler

//Handler creates a much with handlers for all routes in the roll application
func Handler(core *roll.Core) http.Handler {
	mux := http.NewServeMux()

	//Wrap roll services with the auth checker if booted in secure mode
	if core.Secure() {
		rollClientID := os.Getenv("ROLL_CLIENTID")
		if rollClientID == "" {
			panic(errors.New("Cannot run in secure mode without a client ID to white list (from ROLL_CLIENTID env variable)"))
		}

		whitelist := []string{rollClientID}
		mux.Handle(DevelopersBaseURI, authzwrapper.Wrap(core.SecretsRepo, core.AdminRepo, whitelist, handleDevelopersBase(core)))
		mux.Handle(DevelopersURI, authzwrapper.Wrap(core.SecretsRepo, core.AdminRepo, whitelist, handleDevelopers(core)))
		mux.Handle(ApplicationsURI, authzwrapper.Wrap(core.SecretsRepo, core.AdminRepo, whitelist, handleApplications(core)))
		mux.Handle(ApplicationsBaseURI, authzwrapper.Wrap(core.SecretsRepo, core.AdminRepo, whitelist, handleApplicationsBase(core)))
		mux.Handle(JWTFlowCertsURI, authzwrapper.Wrap(core.SecretsRepo, core.AdminRepo, whitelist, handleJWTFlowCerts(core)))
	} else {
		mux.Handle(DevelopersBaseURI, authzwrapper.WrapUnsecure(handleDevelopersBase(core)))
		mux.Handle(DevelopersURI, authzwrapper.WrapUnsecure(handleDevelopers(core)))
		mux.Handle(ApplicationsURI, authzwrapper.WrapUnsecure(handleApplications(core)))
		mux.Handle(ApplicationsBaseURI, authzwrapper.WrapUnsecure(handleApplicationsBase(core)))
		mux.Handle(JWTFlowCertsURI, authzwrapper.WrapUnsecure(handleJWTFlowCerts(core)))
	}

	mux.Handle(AuthorizeBaseURI, handleAuthorize(core))
	mux.Handle(ValidateBaseURI, handleValidate(core))
	mux.Handle(OAuth2TokenBaseURI, handleToken(core))
	mux.Handle(TokenInfoURI, handleTokenInfo(core))
	return mux
}
开发者ID:xtraclabs,项目名称:roll,代码行数:31,代码来源:handlers.go


示例2: handleGetPublicKey

func handleGetPublicKey(core *roll.Core, w http.ResponseWriter, r *http.Request) {
	//Extract client id
	clientID := strings.TrimPrefix(r.RequestURI, JWTFlowCertsURI)
	if clientID == "" {
		respondError(w, http.StatusBadRequest, errors.New("Resource not specified"))
		return
	}

	log.Info("retrieve public key for application: ", clientID)

	//Retrieve the app definition. Note that here since we are only returning publically
	//available information, we do not have to apply the data security model
	app, err := core.SystemRetrieveApplication(clientID)
	if err != nil {
		log.Info("error retrieving application")
		respondError(w, http.StatusInternalServerError, errReadingApplicationRecord)
		return
	}

	if app == nil {
		log.Info("application not found")
		respondError(w, http.StatusNotFound, nil)
		return
	}

	pk := publicKeyCtx{
		PublicKey: app.JWTFlowPublicKey,
	}

	respondOk(w, &pk)
}
开发者ID:xtraclabs,项目名称:roll,代码行数:31,代码来源:jwtflowcert.go


示例3: retrieveApplication

func retrieveApplication(clientID string, core *roll.Core, w http.ResponseWriter, r *http.Request) {
	log.Info("ret appl called: ", clientID)
	if clientID == "" {
		respondError(w, http.StatusBadRequest, errors.New("Resource not specified"))
		return
	}

	subject, scope, err := subjectAndAdminScopeFromRequestCtx(r)
	if err != nil {
		respondError(w, http.StatusInternalServerError, nil)
		return
	}

	app, err := core.RetrieveApplication(clientID, subject, scope)
	if err != nil {
		respondError(w, http.StatusInternalServerError, err)
		return
	}

	if app == nil {
		respondNotFound(w)
		return
	}

	respondOk(w, app)
}
开发者ID:xtraclabs,项目名称:roll,代码行数:26,代码来源:apps.go


示例4: retrieveDeveloper

func retrieveDeveloper(email string, core *roll.Core, w http.ResponseWriter, r *http.Request) {
	if !roll.ValidateEmail(email) {
		respondError(w, http.StatusBadRequest, fmt.Errorf("Invalid email: %s", email))
		return
	}

	subject, scope, err := subjectAndAdminScopeFromRequestCtx(r)
	if err != nil {
		respondError(w, http.StatusInternalServerError, nil)
		return
	}

	dev, err := core.RetrieveDeveloper(email, subject, scope)
	if err != nil {
		respondError(w, http.StatusInternalServerError, err)
		return
	}

	if dev == nil {
		respondNotFound(w)
		return
	}

	respondOk(w, dev)
}
开发者ID:xtraclabs,项目名称:roll,代码行数:25,代码来源:developers.go


示例5: generateSignedCode

func generateSignedCode(core *roll.Core, subject, scope string, app *roll.Application) (string, error) {
	privateKey, err := core.RetrievePrivateKeyForApp(app.ClientID)
	if err != nil {
		return "", err
	}

	token, err := rolltoken.GenerateCode(subject, scope, app.ClientID, privateKey)
	return token, err
}
开发者ID:xtraclabs,项目名称:roll,代码行数:9,代码来源:authz.go


示例6: generateJWT

func generateJWT(subject, scope string, core *roll.Core, app *roll.Application) (string, error) {
	privateKey, err := core.RetrievePrivateKeyForApp(app.ClientID)
	if err != nil {
		return "", err
	}

	token, err := rolltoken.GenerateToken(subject, scope, app.ClientID, app.ApplicationName, privateKey)
	return token, err
}
开发者ID:xtraclabs,项目名称:roll,代码行数:9,代码来源:authz.go


示例7: lookupApplicationFromFormClientID

func lookupApplicationFromFormClientID(core *roll.Core, r *http.Request) (*roll.Application, error) {
	app, err := core.SystemRetrieveApplication(r.Form["client_id"][0])
	if err != nil {
		return nil, err
	}

	if app == nil {
		return nil, errors.New("Invalid client id")
	}

	return app, nil
}
开发者ID:xtraclabs,项目名称:roll,代码行数:12,代码来源:authz.go


示例8: lookupApplicatioByAudience

func lookupApplicatioByAudience(core *roll.Core, audience string) (*roll.Application, error) {
	app, err := core.SystemRetrieveApplicationByJWTFlowAudience(audience)
	if err != nil {
		log.Info("Error retrieving app data: ", err.Error())
		return nil, ErrRetrievingAppData
	}

	if app == nil {
		log.Info("invalid client id")
		return nil, errors.New("Invalid client id")
	}

	return app, nil
}
开发者ID:xtraclabs,项目名称:roll,代码行数:14,代码来源:token.go


示例9: lookupApplication

func lookupApplication(core *roll.Core, clientID string) (*roll.Application, error) {
	app, err := core.SystemRetrieveApplication(clientID)
	if err != nil {
		log.Info("Error retrieving app data: ", err.Error())
		return nil, ErrRetrievingAppData
	}

	if app == nil {
		log.Info("Invalid client id: ", clientID)
		return nil, errors.New("Invalid client id")
	}

	return app, nil
}
开发者ID:xtraclabs,项目名称:roll,代码行数:14,代码来源:token.go


示例10: listApplications

func listApplications(core *roll.Core, w http.ResponseWriter, r *http.Request) {
	subject, scope, err := subjectAndAdminScopeFromRequestCtx(r)
	if err != nil {
		respondError(w, http.StatusInternalServerError, nil)
		return
	}

	apps, err := core.ListApplications(subject, scope)
	if err != nil {
		respondError(w, http.StatusInternalServerError, err)
		return
	}

	respondOk(w, apps)
}
开发者ID:xtraclabs,项目名称:roll,代码行数:15,代码来源:apps.go


示例11: validateClientSecret

func validateClientSecret(core *roll.Core, r *http.Request, clientID, clientSecret string) (*roll.Application, error) {

	app, err := core.SystemRetrieveApplication(clientID)
	if err != nil {
		return nil, errReadingApplicationRecord
	}

	if app == nil {
		return nil, errApplicationNotFound
	}

	if clientSecret != app.ClientSecret {
		return nil, errInvalidClientSecret
	}

	return app, nil
}
开发者ID:xtraclabs,项目名称:roll,代码行数:17,代码来源:jwtflowcert.go


示例12: validateScopes

func validateScopes(core *roll.Core, r *http.Request) (bool, error) {
	scope := r.FormValue(oauth2Scope)
	log.Info("validating scope", scope)
	if scope == "" {
		return true, nil
	}

	scopeParts := strings.Fields(scope)
	if len(scopeParts) > 1 || scopeParts[0] != adminScope {
		log.Info("scope not allowed")
		return false, nil
	}

	subject := r.FormValue("username")
	validAdmin, err := core.IsAdmin(subject)
	if err != nil {
		return false, err
	}

	return validAdmin, nil
}
开发者ID:xtraclabs,项目名称:roll,代码行数:21,代码来源:authz.go


示例13: handleDeveloperPut

func handleDeveloperPut(core *roll.Core, w http.ResponseWriter, r *http.Request) {
	var dev roll.Developer
	if err := parseRequest(r, &dev); err != nil {
		respondError(w, http.StatusBadRequest, err)
		return
	}

	if err := dev.Validate(); err != nil {
		respondError(w, http.StatusBadRequest, err)
		return
	}

	log.Printf("Handling put with payload %v", dev)

	email := strings.TrimPrefix(r.RequestURI, DevelopersURI)

	//If the user included the email inf the body we ignore it. Ignoring it lets us reuse the
	//developer struct for parsing the request, instead of having a projection of the developer
	//structure used to parse the input
	dev.Email = email

	//Extract the subject from the request header based on security mode
	subject, _, err := subjectAndAdminScopeFromRequestCtx(r)
	if err != nil {
		log.Print("Error extracting subject:", err.Error())
		respondError(w, http.StatusInternalServerError, nil)
		return
	}

	//Set the developer id to the subject
	dev.ID = subject

	//Store the developer information
	if err := core.StoreDeveloper(&dev); err != nil {
		respondError(w, http.StatusInternalServerError, err)
		return
	}

	respondOk(w, nil)
}
开发者ID:xtraclabs,项目名称:roll,代码行数:40,代码来源:developers.go


示例14: validateInputParams

func validateInputParams(core *roll.Core, r *http.Request) (*roll.Application, error) {
	responseType := r.FormValue("response_type")
	if responseType != "token" && responseType != "code" {
		return nil, errors.New("response_type must be code or token")
	}

	//Client id is application key
	clientID := r.FormValue("client_id")
	app, err := core.SystemRetrieveApplication(clientID)
	if err != nil {
		return nil, err
	}

	if app == nil {
		return nil, errors.New("Invalid client id")
	}

	redirectURI := r.FormValue("redirect_uri")
	if app.RedirectURI != redirectURI {
		return nil, errors.New("redirect_uri does not match registered redirect URIs")
	}

	return app, nil
}
开发者ID:xtraclabs,项目名称:roll,代码行数:24,代码来源:authz.go


示例15: handleApplicationPost

func handleApplicationPost(core *roll.Core, w http.ResponseWriter, r *http.Request) {
	var app roll.Application
	if err := parseRequest(r, &app); err != nil {
		respondError(w, http.StatusBadRequest, err)
		return
	}

	//Assign a client ID
	id, err := core.GenerateID()
	if err != nil {
		respondError(w, http.StatusInternalServerError, err)
		return
	}

	app.ClientID = id

	//Validate the content
	if err := app.Validate(); err != nil {
		respondError(w, http.StatusBadRequest, err)
		return
	}

	//Extract the subject from the request header based on security mode
	subject, _, err := subjectAndAdminScopeFromRequestCtx(r)
	if err != nil {
		log.Print("Error extracting subject:", err.Error())
		respondError(w, http.StatusInternalServerError, nil)
		return
	}

	app.DeveloperID = subject

	//Store the application definition
	log.Info("storing app def: ", app)
	err = core.CreateApplication(&app)
	if err != nil {
		log.Info("Error storing app def: ", err.Error())
		switch err.(type) {
		case *repos.DuplicateAppdefError:
			respondError(w, http.StatusConflict, err)
		default:
			respondError(w, http.StatusInternalServerError, err)
		}

		return
	}

	//Generate a private/public key pair
	log.Info("Generate key pair")
	private, public, err := secrets.GenerateKeyPair()
	if err != nil {
		respondError(w, http.StatusBadRequest, err)
		return
	}

	//Store keys in secrets vault
	log.Info("store key pair in vault")
	err = core.StoreKeysForApp(id, private, public)
	if err != nil {
		respondError(w, http.StatusInternalServerError, err)
		return
	}

	//Return the client id
	log.Info("return client id: ", id)
	clientID := ApplicationCreatedResponse{ClientID: id}

	respondOk(w, clientID)

}
开发者ID:xtraclabs,项目名称:roll,代码行数:70,代码来源:apps.go


示例16: handleApplicationPut

func handleApplicationPut(core *roll.Core, w http.ResponseWriter, r *http.Request) {
	var app roll.Application
	if err := parseRequest(r, &app); err != nil {
		respondError(w, http.StatusBadRequest, err)
		return
	}

	//Make sure we use the clientID in the resource not any clientID sent in the JSON.
	clientID := strings.TrimPrefix(r.RequestURI, ApplicationsURI)
	if clientID == "" {
		respondError(w, http.StatusBadRequest, nil)
		return
	}

	app.ClientID = clientID

	//Validate the content
	if err := app.Validate(); err != nil {
		respondError(w, http.StatusBadRequest, err)
		return
	}

	//Extract the subject from the request header based on security mode
	subject, adminScope, err := subjectAndAdminScopeFromRequestCtx(r)
	if err != nil {
		log.Print("Error extracting subject:", err.Error())
		respondError(w, http.StatusInternalServerError, nil)
		return
	}

	//Retrieve the app definition to update
	storedApp, err := core.RetrieveApplication(clientID, subject, adminScope)
	if err != nil {
		respondError(w, http.StatusInternalServerError, err)
		return
	}

	if storedApp == nil {
		respondError(w, http.StatusNotFound, nil)
		return
	}

	//Copy over the potential updates
	storedApp.ApplicationName = app.ApplicationName
	storedApp.DeveloperEmail = app.DeveloperEmail
	storedApp.LoginProvider = app.LoginProvider
	storedApp.RedirectURI = app.RedirectURI
	storedApp.DeveloperID = app.DeveloperID

	//Store the application definition
	log.Info("updating app def: ", app)
	err = core.UpdateApplication(&app, subject)

	if err != nil {
		log.Info("Error updating definition: ", err.Error())
		switch err.(type) {
		case roll.NonOwnerUpdateError:
			respondError(w, http.StatusUnauthorized, err)
		case roll.NoSuchApplicationError:
			respondError(w, http.StatusNotFound, err)
		default:
			respondError(w, http.StatusInternalServerError, err)
		}
	}

	respondOk(w, nil)
}
开发者ID:xtraclabs,项目名称:roll,代码行数:67,代码来源:apps.go


示例17: handleCertPut

func handleCertPut(core *roll.Core, w http.ResponseWriter, r *http.Request) {
	//Extract client id
	clientID := strings.TrimPrefix(r.RequestURI, JWTFlowCertsURI)
	if clientID == "" {
		respondError(w, http.StatusNotFound, errors.New("Resource not specified"))
		return
	}

	log.Info("Putting cert for client_id: ", clientID)

	//Extract the subject from the request header based on security mode
	subject, _, err := subjectAndAdminScopeFromRequestCtx(r)
	if err != nil {
		log.Print("Error extracting subject: ", err.Error())
		respondError(w, http.StatusInternalServerError, nil)
		return
	}

	//Parse body
	var certCtx CertPutCtx
	if err := parseRequest(r, &certCtx); err != nil {
		log.Info("Error parsing request body: ", err.Error())
		respondError(w, http.StatusBadRequest, err)
		return
	}

	//Check body content
	log.Info("Checking content")
	err = checkBodyContent(certCtx)
	if err != nil {
		log.Info("Problem with content: ", err.Error())
		respondError(w, http.StatusBadRequest, err)
		return
	}

	//Validate client secret
	log.Info("validating client secret")
	app, err := validateClientSecret(core, r, clientID, certCtx.ClientSecret)
	if err != nil {
		switch err {
		case errApplicationNotFound:
			respondNotFound(w)
		case errInvalidClientSecret:
			respondError(w, http.StatusUnauthorized, nil)
		default:
			respondError(w, http.StatusInternalServerError, err)
		}
		return
	}

	//Extract public key from cert
	log.Info("Extract public key")
	publicKeyPEM, err := extractPublicKeyFromCert(certCtx.CertPEM)
	if err != nil {
		respondError(w, http.StatusBadRequest, err)
		return
	}

	//Update the app with the public key. Note here we are adding the cert to the retrieved application
	//attributes.
	log.Info("Update app with signing key, etc")
	app.JWTFlowPublicKey = publicKeyPEM
	app.JWTFlowIssuer = certCtx.CertIssuer
	app.JWTFlowAudience = certCtx.CertAudience
	err = core.UpdateApplication(app, subject)
	if err != nil {
		switch err.(type) {
		case roll.NonOwnerUpdateError:
			respondError(w, http.StatusUnauthorized, err)
		case roll.NoSuchApplicationError:
			respondError(w, http.StatusNotFound, err)
		case roll.MissingJWTFlowIssuer:
			respondError(w, http.StatusBadRequest, err)
		case roll.MissingJWTFlowAudience:
			respondError(w, http.StatusBadRequest, err)
		default:
			respondError(w, http.StatusInternalServerError, err)
		}

		return
	}

	respondOk(w, nil)
}
开发者ID:xtraclabs,项目名称:roll,代码行数:84,代码来源:jwtflowcert.go



注:本文中的github.com/xtraclabs/roll/roll.Core类示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。


鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
上一篇:
Golang context.Context类代码示例发布时间:2022-05-28
下一篇:
Golang roll.Application类代码示例发布时间:2022-05-28
热门推荐
热门话题
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap